Many XML applications are invoked by passing them parameters using HTTP GET queries

+

Many XML applications are invoked by passing them parameters using HTTP GET queries.

+

Example:

Example:

The HTTP request with query string /viewDetail=detail-10293, the HTTP GET parameter is detail- 10293).

The HTTP request with query string /viewDetail=detail-10293, the HTTP GET parameter is detail- 10293).

+

These are sometimes known as “REST-style" Web Services. These Web Services can be attacked by passing malicious content on the HTTP GET string (e.g. Extra long parameters (2048 chars), SQL statements/injection or OS Injection parameters).

These are sometimes known as “REST-style" Web Services. These Web Services can be attacked by passing malicious content on the HTTP GET string (e.g. Extra long parameters (2048 chars), SQL statements/injection or OS Injection parameters).

+

(REST = Representational State Transfer).

Revision as of 05:46, 26 October 2006

HTTP GET parameters.

Many XML applications are invoked by passing them parameters using HTTP GET queries.

Example:
The HTTP request with query string /viewDetail=detail-10293, the HTTP GET parameter is detail- 10293).

These are sometimes known as “REST-style" Web Services. These Web Services can be attacked by passing malicious content on the HTTP GET string (e.g. Extra long parameters (2048 chars), SQL statements/injection or OS Injection parameters).
(REST = Representational State Transfer).